CVE-2007-3945

CVE-2007-3945 is a medium-severity vulnerability in Rsbac Rule Set Based Access Control with a CVSS 2.0 base score of 6.4. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.

Key facts

Description

Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes.

Frequently asked questions

What is CVE-2007-3945?
Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes.
How severe is CVE-2007-3945?
CVE-2007-3945 has a CVSS 2.0 base score of 6.4, rated medium severity.
Is CVE-2007-3945 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 2% (83rd percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2007-3945?
CVE-2007-3945 affects Rsbac Rule Set Based Access Control. See the affected-products list for the exact vulnerable versions.
How do I fix CVE-2007-3945?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
When was CVE-2007-3945 published?
CVE-2007-3945 was published on 2007-07-23 and last updated on 2026-06-16.

References

Affected products (1)

More vulnerabilities in Rsbac Rule Set Based Access Control

All CVEs affecting Rsbac Rule Set Based Access Control →